package org.jruby.ext.openssl;

import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.HashMap;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.DHPrivateKeySpec;
import javax.crypto.spec.DHPublicKeySpec;
import org.jruby.Ruby;
import org.jruby.RubyBoolean;
import org.jruby.RubyClass;
import org.jruby.RubyHash;
import org.jruby.RubyModule;
import org.jruby.RubyNumeric;
import org.jruby.RubyString;
import org.jruby.anno.JRubyMethod;
import org.jruby.exceptions.RaiseException;
import org.jruby.ext.openssl.x509store.PEMInputOutput;
import org.jruby.runtime.Arity;
import org.jruby.runtime.ObjectAllocator;
import org.jruby.runtime.ThreadContext;
import org.jruby.runtime.Visibility;
import org.jruby.runtime.builtin.IRubyObject;
import org.jruby.util.ByteList;

/* loaded from: input_file:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/PKeyDH.class */
public class PKeyDH extends PKey {
    private static final long serialVersionUID = -1893518804744046740L;
    private static final int OPENSSL_DH_MAX_MODULUS_BITS = 10000;
    private volatile transient BigInteger dh_p;
    private volatile transient BigInteger dh_g;
    private volatile transient BigInteger dh_y;
    private volatile transient BigInteger dh_x;
    private static final BigInteger TWO = BN.TWO;
    private static final ObjectAllocator ALLOCATOR = new ObjectAllocator() { // from class: org.jruby.ext.openssl.PKeyDH.1
        /* renamed from: allocate, reason: merged with bridge method [inline-methods] */
        public PKeyDH m846allocate(Ruby ruby, RubyClass rubyClass) {
            return new PKeyDH(ruby, rubyClass);
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void createPKeyDH(Ruby ruby, RubyModule rubyModule, RubyClass rubyClass, RubyClass rubyClass2) {
        RubyClass defineClassUnder = rubyModule.defineClassUnder(CipherStrings.SSL_TXT_DH, rubyClass, ALLOCATOR);
        rubyModule.defineClassUnder("DHError", rubyClass2, rubyClass2.getAllocator());
        defineClassUnder.defineAnnotatedMethods(PKeyDH.class);
    }

    public static RaiseException newDHError(Ruby ruby, String str) {
        return Utils.newError(ruby, _PKey(ruby).getClass("DHError"), str);
    }

    public PKeyDH(Ruby ruby, RubyClass rubyClass) {
        super(ruby, rubyClass);
    }

    public IRubyObject initialize_copy(IRubyObject iRubyObject) {
        if (this == iRubyObject) {
            return this;
        }
        checkFrozen();
        PKeyDH pKeyDH = (PKeyDH) iRubyObject;
        this.dh_p = pKeyDH.dh_p;
        this.dh_g = pKeyDH.dh_g;
        this.dh_y = pKeyDH.dh_y;
        this.dh_x = pKeyDH.dh_x;
        return this;
    }

    @JRubyMethod(name = {"initialize"}, rest = true, visibility = Visibility.PRIVATE)
    public synchronized IRubyObject initialize(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        Ruby ruby = threadContext.runtime;
        if (this.dh_p != null || this.dh_g != null || this.dh_y != null || this.dh_x != null) {
            throw newDHError(ruby, "illegal initialization");
        }
        int checkArgumentCount = Arity.checkArgumentCount(ruby, iRubyObjectArr, 0, 2);
        if (checkArgumentCount > 0) {
            IRubyObject iRubyObject = iRubyObjectArr[0];
            if (checkArgumentCount == 1 && (iRubyObject instanceof RubyString)) {
                try {
                    DHParameterSpec readDHParameters = PEMInputOutput.readDHParameters(new StringReader(iRubyObject.toString()));
                    if (readDHParameters == null) {
                        readDHParameters = org.jruby.ext.openssl.impl.PKey.readDHParameter(iRubyObject.asString().getByteList().bytes());
                    }
                    if (readDHParameters == null) {
                        throw ruby.newArgumentError("invalid DH PARAMETERS");
                    }
                    this.dh_p = readDHParameters.getP();
                    this.dh_g = readDHParameters.getG();
                } catch (IOException e) {
                    throw ruby.newIOErrorFromException(e);
                } catch (NoClassDefFoundError e2) {
                    throw newDHError(ruby, OpenSSL.bcExceptionMessage(e2));
                }
            } else {
                int fix2int = RubyNumeric.fix2int(iRubyObject);
                int fix2int2 = checkArgumentCount == 2 ? RubyNumeric.fix2int(iRubyObjectArr[1]) : 2;
                try {
                    BigInteger generateP = generateP(fix2int, fix2int2);
                    BigInteger valueOf = BigInteger.valueOf(fix2int2);
                    BigInteger generateX = generateX(generateP);
                    BigInteger generateY = generateY(generateP, valueOf, generateX);
                    this.dh_p = generateP;
                    this.dh_g = valueOf;
                    this.dh_x = generateX;
                    this.dh_y = generateY;
                } catch (IllegalArgumentException e3) {
                    throw ruby.newArgumentError(e3.getMessage());
                }
            }
        }
        return this;
    }

    public static BigInteger generateP(int i, int i2) {
        if (i < 2) {
            throw new IllegalArgumentException("invalid bit length");
        }
        if (i2 < 2) {
            throw new IllegalArgumentException("invalid generator");
        }
        switch (i2) {
            case 2:
                return BN.generatePrime(i, true, BigInteger.valueOf(24L), BigInteger.valueOf(11L));
            case 5:
                return BN.generatePrime(i, true, BigInteger.valueOf(10L), BigInteger.valueOf(3L));
            default:
                return BN.generatePrime(i, true, TWO, BigInteger.ONE);
        }
    }

    public static BigInteger generateX(BigInteger bigInteger, int i) {
        BigInteger bigInteger2;
        if (i < 0) {
            throw new IllegalArgumentException("invalid limit");
        }
        SecureRandom secureRandom = new SecureRandom();
        if (i == 0) {
            BigInteger subtract = bigInteger.subtract(TWO);
            do {
                bigInteger2 = BN.randomIntegerInRange(subtract, secureRandom);
            } while (bigInteger2.equals(BigInteger.ZERO));
            return bigInteger2;
        }
        do {
            bigInteger2 = new BigInteger(i, 0, secureRandom);
        } while (bigInteger2.equals(BigInteger.ZERO));
        return bigInteger2;
    }

    public static BigInteger generateX(BigInteger bigInteger) {
        return generateX(bigInteger, bigInteger.bitLength() - 1);
    }

    public static BigInteger generateY(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) {
        return bigInteger2.modPow(bigInteger3, bigInteger);
    }

    public static BigInteger generateY(BigInteger bigInteger, int i, BigInteger bigInteger2) {
        return generateY(bigInteger, BigInteger.valueOf(i), bigInteger2);
    }

    @JRubyMethod(name = {"generate_key!"})
    public synchronized IRubyObject generate_key() {
        BigInteger bigInteger;
        BigInteger bigInteger2 = this.dh_p;
        if (bigInteger2 == null || (bigInteger = this.dh_g) == null) {
            throw newDHError(getRuntime(), "can't generate key");
        }
        BigInteger bigInteger3 = this.dh_x;
        BigInteger bigInteger4 = bigInteger3;
        if (bigInteger3 == null) {
            bigInteger4 = generateX(bigInteger2);
        }
        BigInteger generateY = generateY(bigInteger2, bigInteger, bigInteger4);
        this.dh_x = bigInteger4;
        this.dh_y = generateY;
        return this;
    }

    @JRubyMethod(name = {"compute_key"})
    public synchronized IRubyObject compute_key(IRubyObject iRubyObject) {
        BigInteger bigInteger;
        BigInteger asBigInteger = BN.asBigInteger(iRubyObject);
        if (asBigInteger == null) {
            throw getRuntime().newArgumentError("invalid public key");
        }
        BigInteger bigInteger2 = this.dh_x;
        if (bigInteger2 == null || (bigInteger = this.dh_p) == null) {
            throw newDHError(getRuntime(), "incomplete DH");
        }
        int bitLength = bigInteger.bitLength();
        if (bitLength == 0 || bitLength > OPENSSL_DH_MAX_MODULUS_BITS) {
            throw newDHError(getRuntime(), "can't compute key");
        }
        return getRuntime().newString(new ByteList(computeKey(asBigInteger, bigInteger2, bigInteger), false));
    }

    public static byte[] computeKey(BigInteger bigInteger, BigInteger bigInteger2, BigInteger bigInteger3) {
        return bigInteger.modPow(bigInteger2, bigInteger3).toByteArray();
    }

    @JRubyMethod(name = {"public?"})
    public RubyBoolean public_p() {
        return getRuntime().newBoolean(this.dh_y != null);
    }

    @Override // org.jruby.ext.openssl.PKey
    public boolean isPrivateKey() {
        return this.dh_x != null;
    }

    @JRubyMethod(name = {"private?"})
    public RubyBoolean private_p() {
        return getRuntime().newBoolean(isPrivateKey());
    }

    @Override // org.jruby.ext.openssl.PKey
    @JRubyMethod(name = {"to_pem", "to_s"}, alias = {"export"}, rest = true)
    public RubyString to_pem(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        BigInteger bigInteger;
        BigInteger bigInteger2;
        synchronized (this) {
            bigInteger = this.dh_p;
            bigInteger2 = this.dh_g;
        }
        StringWriter stringWriter = new StringWriter();
        try {
            PEMInputOutput.writeDHParameters(stringWriter, new DHParameterSpec(bigInteger, bigInteger2));
            return RubyString.newString(getRuntime(), stringWriter.getBuffer());
        } catch (IOException e) {
            throw getRuntime().newIOErrorFromException(e);
        } catch (NoClassDefFoundError e2) {
            throw newDHError(getRuntime(), OpenSSL.bcExceptionMessage(e2));
        }
    }

    @Override // org.jruby.ext.openssl.PKey
    @JRubyMethod(name = {"to_der"})
    public RubyString to_der() {
        BigInteger bigInteger;
        BigInteger bigInteger2;
        synchronized (this) {
            bigInteger = this.dh_p;
            bigInteger2 = this.dh_g;
        }
        try {
            return StringHelper.newString(getRuntime(), org.jruby.ext.openssl.impl.PKey.toDerDHKey(bigInteger, bigInteger2));
        } catch (IOException e) {
            throw newDHError(getRuntime(), e.getMessage());
        } catch (NoClassDefFoundError e2) {
            throw newDHError(getRuntime(), OpenSSL.bcExceptionMessage(e2));
        }
    }

    @JRubyMethod(name = {"params"})
    public IRubyObject params() {
        BigInteger bigInteger;
        BigInteger bigInteger2;
        BigInteger bigInteger3;
        BigInteger bigInteger4;
        synchronized (this) {
            bigInteger = this.dh_p;
            bigInteger2 = this.dh_g;
            bigInteger3 = this.dh_x;
            bigInteger4 = this.dh_y;
        }
        Ruby runtime = getRuntime();
        HashMap hashMap = new HashMap();
        hashMap.put(runtime.newString("p"), BN.newBN(runtime, bigInteger));
        hashMap.put(runtime.newString("g"), BN.newBN(runtime, bigInteger2));
        hashMap.put(runtime.newString("pub_key"), BN.newBN(runtime, bigInteger3));
        hashMap.put(runtime.newString("priv_key"), BN.newBN(runtime, bigInteger4));
        return RubyHash.newHash(runtime, hashMap, runtime.getNil());
    }

    @JRubyMethod(name = {"p"})
    public IRubyObject get_p() {
        return newBN(this.dh_p);
    }

    @JRubyMethod(name = {"p="})
    public synchronized IRubyObject set_p(IRubyObject iRubyObject) {
        this.dh_p = BN.asBigInteger(iRubyObject);
        return iRubyObject;
    }

    @JRubyMethod(name = {"g"})
    public IRubyObject get_g() {
        return newBN(this.dh_g);
    }

    @JRubyMethod(name = {"g="})
    public synchronized IRubyObject set_g(IRubyObject iRubyObject) {
        this.dh_g = BN.asBigInteger(iRubyObject);
        return iRubyObject;
    }

    @JRubyMethod(name = {"pub_key"})
    public IRubyObject pub_key() {
        return newBN(this.dh_y);
    }

    @Override // org.jruby.ext.openssl.PKey
    public PublicKey getPublicKey() {
        try {
            return getKeyFactory().generatePublic(new DHPublicKeySpec(this.dh_y, this.dh_p, this.dh_g));
        } catch (InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    @JRubyMethod(name = {"pub_key="})
    public synchronized IRubyObject set_pub_key(IRubyObject iRubyObject) {
        this.dh_y = BN.asBigInteger(iRubyObject);
        return iRubyObject;
    }

    @JRubyMethod(name = {"priv_key"})
    public IRubyObject priv_key() {
        return newBN(this.dh_x);
    }

    @Override // org.jruby.ext.openssl.PKey
    public PrivateKey getPrivateKey() {
        try {
            return getKeyFactory().generatePrivate(new DHPrivateKeySpec(this.dh_x, this.dh_p, this.dh_g));
        } catch (InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    @JRubyMethod(name = {"priv_key="})
    public synchronized IRubyObject set_priv_key(IRubyObject iRubyObject) {
        this.dh_x = BN.asBigInteger(iRubyObject);
        return iRubyObject;
    }

    private IRubyObject newBN(BigInteger bigInteger) {
        return bigInteger == null ? getRuntime().getNil() : BN.newBN(getRuntime(), bigInteger);
    }

    private static KeyFactory getKeyFactory() {
        try {
            return SecurityHelper.getKeyFactory("DiffieHellman");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }
}
